guix: Use DOS newlines for SHA256SUMS files #29147
Conversation
|
The following sections might be updated with supplementary metadata relevant to reviewers and maintainers. Code CoverageFor detailed information about the code coverage, see the test coverage report. ReviewsSee the guideline for information on the review process. |
Not sure. Wasn't the goal the exact opposite, so that it is easier to |
You can still do that with the content in the file. Furthermore, this change does not require us to produce an attached SHA256SUMS.asc, it only enables us to do so if desired. |
OpenPGP specifies that plain text should use CR LF for newlines. By doing so, it becomes possible to include the hashes directly in the .asc file.
luke-jr
force-pushed
the
guix_attachable_sigs
branch
from
767a086
to
78afc76
Compare
|
It seems @DrahtBot stops short of making the full SHA256SUMS file? |
It would be good to list at least one benefit, otherwise the benefits of this change are unclear. |
Having a single file to download for the signatures is simpler for end users. |
|
It seems this isn't enough - OpenPGP explicitly identifies the data as either binary or text: https://datatracker.ietf.org/doc/html/rfc4880#section-5.2.1 So I guess the only way to support a combined file would be to use |
|
Apparently stripping the final newline would fix this, but a new issue arose: if the signature is detached, it will only verify a pre-canonicalized (DOS-encoded and final newline stripped) file. Some So IF we're okay with the combined file ONLY being clearsign format (which can then be UNIX newlines again), I can fix this PR. Or someone could spend more time to figure out why The UX for downloading two verification files sucks IMO. I think we should just go for the clearsign option, even if it's exclusive. Thoughts? |
OpenPGP specifies that plain text should use CR LF for newlines. By doing so, it becomes possible to include the hashes directly in the .asc file.
(Currently untested, looking for Concept ACKs)